Black Box Notes

From Bev Harris, author of Black Box Voting:

16 DEC 2003, Seattle WA - This is of national interest. Bev Harris, author of "Black Box Voting" and Andy Stephenson, a democratic candidate for Washington secretary of state, have uncovered new holes in the electoral system in King County and in as many as 14 additional states.

These security breaches affect both the optical scan systems (fill-in-the-dot or draw-the-line) and touch screen voting systems, and may also indicate significant security problems with absentee voting procedures.

At the Tuesday press conference, Harris and Stephenson will distribute a packet of documents to support their findings. Whereas electronic voting concerns have focused on complex issues like cryptographic security and computer source code, the new security flaws uncovered by Harris and Stephenson are more serious and also easier to explain. Because the subject matter is sensitive, reporters will want copies of the original documents to substantiate the findings, and these will be released at the news conference.

This information affects four counties in Washington State and locations in Florida, Georgia, Kansas, Kentucky, California, Arizona, New Mexico, Colorado, Texas, Maryland and Virginia.

"What we have are two intertwined security breaches which deserve immediate attention from the U.S. Congress," says Stephenson. "We need to address procedural safeguards as soon as possible to put a halt to these problems and prevent them from ever happening again."

A 20-page dossier will provide the specific U.S. locations affected, as well as the details on multiple security breaches which may have compromised the integrity of at least two dozen elections.

I haven't yet got Bev's dossier, but am familiar with at least some of what it will certainly include. All of the "official" studies to date on e-vote security focus almost entirely on the e-vote terminals (DREs) themselves. Bev will be covering the machines that tally the results from these (most certainly Diebold's), and if you are worried about the DREs, you haven't seen the tally machines yet. You could steal a whole state at once from these.

The Press Conference itself: 2 p.m. Tue. December 16 - Seattle Labor Temple - 2800 First Ave. - Seattle. When I get a link to Bev's dossier, I'll add it here.

"out the yin-yang" and "any after-sale changes should be prohibitively expensive," says "Ken", a Diebold employee, in a memo he wrote on Jan. 3, 2003. Ken is referring to the possibility that Maryland might ask Diebold to retrofit their e-vote machines with ballot printers:

"There is an important point that seems to be missed by all these articles: they already bought the system. At this point they are just closing the barn door. Let's just hope that as a company we are smart enough to charge out the yin if they try to change the rules now and legislate voter receipts."

So just what exactly does "out the yin-yang" mean?

State Board of Elections Administrator Linda H. Lamone told The Gazette last month that Diebold had given a preliminary estimate of $1,000 to $1,200 per machine to add printouts, or up to $20 million for the state's more than 16,000 machines.

So what should the cost of a retrofitted ballot printer be? According to news reports, the cost cited by one of Diebold's competitors was about $500 a machine. This is in line with my previous report, where Palm Beach County (which uses Sequoia e-vote machines) was offered an estimate of about $600 per machine for such a retrofit.

Price gouging, anyone? Thy name is Diebold.

---

State Board of Elections Administrator Linda H. Lamone (a Democrat) comes in for direct criticism in an earlier (Dec. 18, 2002) e-mail purportedly written by Sue Page, one of Diebold's Maryland project managers:

"Linda Lamone ... makes public statements airing dirty laundry and casting doubt. She's about power and control. She feels powerful when she makes negative comments. What she misses is that her negative comments reflect negatively on her. She should be proud of and support her initiative of a state wide voting change, rather than casting doubt on her own decision."
and
"There's not much that we can do, other than hope that a new Republican Governor will effect change."

In fact, Lamone, a Democrat, has been battling to keep her job amidst efforts from Gov. Robert L. Ehrlich Jr. (R) to install a Republican elections chief. Four of the five board members would have to vote to remove Lamone; three are Republicans and two are Democrats.

So much for Diebold's claims that it's e-vote machines are secure. It seems that not even their widely-implemented ATMs can withstand the on-slaught of dedicated hackers.

OK, the Diebold ATM people are not the Diebold people who make their e-vote machines -- They're in totally different divisions of Diebold. But here's why it still matters.

Diebold ATMs used to use IBM's OS/2 operating system, but changed over to Microsoft Windows at the urging of their banking customers (for reasons discussed in this article). Diebold Election Systems has always used the Windows operating system (CE) for its e-vote machines.

In vulnerability terms, there is probably nothing inherently wrong with the Windows operating system that is not probably (in some fashion, at least) also wrong in other operating systems. Windows vulnerabilities instead are a function of its own great success; if you are going to spend time hacking, chances are that you are going to try hacking where it willhave the greatest effect; i.e., Windows, a victim of its own success. Security experts agree. Diebold's move to Windows for their ATMs was an "horrendous security mistake", literally an invitation to hackers.

---

Allow me to get technical. The only thing an operating system offers any computer is an abiltiy to multi-task (run multiple programs simultaneously). Single-use computers (ATMs, e-vote machines, etc.) simply do not require operating systems. The only reason they are used on single-use machines is for cost considerations.

In addition to providing a multi-tasking environment, today's operating systems also come bundled with useful subroutines (in Windows, ".dll" file extensions, a.k.a., application extensions). Subroutines do lots of great things. They refresh your monitor's display, accept keyboard input, manage communications over a modem, and a great deal more. But they can be implemented regardless of the existance of an operating system, and indeed, we did so in the early days of computers. So the manufacturers of single-use computers use operating systems merely for the convenience of the subroutines they provide.

The bottom line is that single-use computers have no need for an operating system. Every functionality demanded of them can be provided without one. While an operating system can also provide communications interfaces (subroutines) at a low cost, the very vulnerabilities offered by operating systems should preclude absolutely their use in single-use secure applications.

And I used to bill $500/day for this. Go figure.

This from Bartcop. Strange results from the 2002 election (familiar to some readers) brought to you by Diebold Election Systems:

• Poll by Atlanta Journal Constitution/WSB-TV of 800 likely voters on Nov. 1 For Georgia Governor

  Roy Barnes (D) 51% up 11
  Sonny Perdue (R) 40%

  ** "Official Results" from the Diebold e-vote machines on Nov. 5

  Roy Barnes (D) 46%
  Sonny Perdue (R) 51% up 5 - that's a 16-point pro-Bush swing

  Was it magic?

  ---

• Poll by Atlanta Journal Constitution Nov. 1 for Georgia Senate

  Max Cleland (D) 49% up 5
  Saxby Chambliss (R) 44%

  ** "Official Results" from the Diebold e-vote machines on Nov. 5

  Max Cleland (D) 46%
  Saxby Chambliss (R) 53% up 7 - that's a 13-point pro-Bush swing

  Was it magic?

  ---

• Poll by MSNBC/Zogby on Nov. 3 for Colorado Senate

  Tom Strickland (D) 53% up 9
  Wayne Allard (R) 44%

  ** "Official Results" from the Diebold e-vote machines on Nov. 5

  Tom Strickland (D) 46%
  Wayne Allard (R) 51% up 5 - that's a 14-point pro-Bush swing

  Was it magic?

  ---

• Minneapolis Star-Tribune Poll on Nov. 3 for Minnesota Senate

  Walter Mondale (D) 46% up 5
  Norm Coleman (R) 41%

  ** "Official Results" from the Diebold e-vote machines on Nov. 5

  Norm Coleman (R) 50%
  Walter Mondale (D) 47% up 3 - that's an 8-point pro-Bush swing

  Was it magic?

  ---

• Poll by St. Louis Dispatch/Zogby on Nov. 3 for Illinois Governor

  Rod Blagojevich (D) 52% up 7
  Jim Ryan (R) 45%

  ** "Official Results" from the Diebold e-vote machines on Nov. 5

  Rod Blagojevich (D) 43%
  Jim Ryan (R) 44% up 1 - that's an 8-point pro-Bush swing

  Was it magic?

  ---

• Poll by Concord, NH Monitor on Nov. 3 for New Hampshire Senate

  Jeanne Shaheen (D) 47% up 1
  John E. Sununu (R) 46%

  ** "Official Results" from the Diebold e-vote machines on Nov. 5

  Jeanne Shaheen (D) 47%
  John E. Sununu (R) 51% up 4 - that's a 5-point pro-Bush swing

  Was it magic?

In just two cases, Diebold e-vote machines delivered office to Democrats against the pre-election polls, but both of these were 3 points or less, well within the polling margin of error.

       Is this magic?

You'll have to scroll down about half way to find this, but it seems that Maria Perez, apparently a registered Democrat, filed papers to run for as a write-in candidate for Florida House District 91 (beach-front property from Palm Beach to Miami ... i.e., very rich and very Republican). So why would this be an issue?

Maria filed her papers with many errors. Her address is wrong(?) and she provided quite incomplete financial disclosure. But by doing so as the only Democrat for that district and by having her application accepted in spite of her errors, the filing would excluded Democratic and Independent participation in the Republican primary for that seat. The filing would also forced a general election to be held (at a cost to local taxpayers of $175,000) in which only the name of the successful primary Republican would appear on the general election ballot. Maria's name, while a qualified write-in, would not actually appear on that ballot. Only the winning Repubican's name will appear. Essentially, an election with a single candidate. But is this a problem?

Actually yes under Florida law. Florida law provides that when all candidates are from a single party, all voters can vote in that election, the theory being that this single party primary is actually in reality the general election. So what Maria's would do is not only force this waste of $175,000 of taxpayer money, but would also precluded any citizen participation in the selection of their representative from anyone who is not a Republican. The suggestion of course is that Ms. Perez is a Republican plant, but why would the Republican "machine" be involved in this? Wouldn't any Republican be sufficient? Not quite.

It seems that party locals support the more right-wing Oliver Parker, while the more centrist Ellyn Bogdanoff has run a broader campaign that will be more acceptable to the general electorate, clearly thinkng that the Republican primary for her district would actually serve as the general election. Ms. Perez, an unknown among the local Democratic Party, initially said that she understood nothing of any of this has now decided to refuse all media contact. (Links via Counterspin Central.)

Update: A day after she was accused of fraud in a lawsuit, write-in candidate Ms. Perez asked to have her name removed from the election, indicating that, "If elected, I will not serve." While intitially there was some concern as to whether this could actually be done, the election board has now indicated that they will honor her request for removal, thereby re-openning the primary to all voters.

The mystery remains however as to whether or not this was actually an attempt to close the Republican primary. It should be noted however that this action is totally legal under current Florida election law. To that end, Democratic Senators Skip Campbell of Fort Lauderdale and David Aronberg of West Palm Beach have filed a bill in the Florida legislature to close the "write-in loophole".

---

Of course, such election scamming has a long and proud tradition in Florida. Even my recently-posted "" pales in comparison to the Democratic vote scams of the early 70's in South Florida, during which votes were frequently never even counted, but rather were simply replaced with pre-determined results. The book that tells this remarkable story is called VoteScam. The first eight chapters of this book are serialized here. You can also read an afterward by the daughter of one of the authors here, as well as purchase the book and an associated video. This is really amazing stuff, even if you only read the segments available on-line.

If I might editorialize a bit here: We who are black box advocates large come from the left. It is important to note however that over-zealous Republicans have hardly cornered the market on vote scamming. Both parties, especially when either gains a firm advantage in an area, tend to find similar over-zealousness from among their membership. It will hardly do to simply replace vote scamming by one party with vote scamming by the other. Vote scamming is no more right because you benefit from it than it is when you do not.

An additional $830 million for improving voting systems has become available to states and localities now that the Senate has confirmed members of the new Election Advisory Commission. The commission is to provide advice on technology, election standards and other steps to improve voting integrity. Although Congress initially allocated $1.5 billion in the 2003 budget year for election reform, the $830 million was withheld pending the selection and seating of commission members.

The commission is made up of four members, two selected by Republicans and two by Democrats. The four commissioners selected are Paul DeGregorio of the International Foundation for Election Systems; Gracia Hillman, former senior coordinator of international women's issues at the State Department; Raymundo Martinez III, a Clinton administration presidential assistant for intergovernmental affairs; and Deforest Soaries Jr., former New Jersey Secretary of State.

Congressional leaders also decided to add $1 billion for election system reform to the 2004 budget, the second year of a program envisioned to conclude in 2005. This was up from an originally-requested $500 million for the 2004 budget years.

Presidential candidate Dennis J. Kucinich has called the Department of Defense awarding of a contract for a new system for electronic voting for military personnel living overseas to the firm that was at the heart of the Enron accounting scandal inherently flawed and unacceptable. The contract was awarded to Accenture, formerly called Arthur Anderson Consulting, now rebranded and based in Bermuda. It has had numerous failings in its operation of government contracted computer systems by "running up excessive charges, failing to meet basic system criteria, having incomplete or duplicate records, and long backlogs."

While voting services for our servicemen and women should be improved, contracting out this work to the very company at the heart of the Enron accounting scandal is unacceptable," stated Kucinich. "Arthur Andersen couldn't count Enron's dollars, why should we trust its progeny, Accenture, to count the votes of our military personnel.

While it would be convenient for personnel to use a computer in an Internet café or library where they are stationed overseas, the security and ownership of those computers is completely unknown," continued Kucinich. "It is too much to ask any American citizen to trust the privacy of their vote to an unknown computer in an unknown overseas location with unknown ownership. Our service members serving overseas deserve to cast their votes with the same privacy and security that every citizen here in the states does. This plan is nothing short of outsourcing the 2000 Florida election debacle overseas.

Privatizing the counting of votes? To a Bermuda corporation? Whatever happened to the federal requirement for transparency? How can we expect these people to run our laws when they either don't know what they are or don't care?

In a speech last Saturday, Democratic presidential candidate John Edwards called on President Bush to return more than $100,000 donated to his campaign by a Walden O'Dell, head of Diebold Election Systems, saying the relationship could damage confidence in elections. According to the New York Times, O'Dell wrote a letter to Republican contributors in August that said "I am committed to helping Ohio deliver its electoral votes to the president next year." Said Edwards, "people who make voting machines need to be real careful when they talk about delivering elections."

Edwards also took a swipe at the touch screen voting machines made by Diebold, which some computer experts have questioned as lacking adequate security, saying, "We now have touch screen voting machines that some people think are just as bad as a butterfly ballot."

Robert X. Cringely writes an important review of the current state of the elctronic voting, essentialy viewing it as an information technology (IT) project subject to the same failures so common to IT projects in general:

In the case of this voting fiasco, there was a wonderful confluence of events. There was a vague product requirement coming from an agency that doesn't really understand technology (the U.S. Congress), foisting a system on other government agencies that may not have asked for it. There was a relatively small time frame for development and a lot of money. Finally, the government did not allow for even the notion of failure. By 2004, darn it, we'd all have touch screen voting.

Oh, and there are only three vendors, all of whom have precisely the same motivation (to make as much money as possible) and understanding (that Congress would buy its way out of technical trouble if it had to). This gave the vendors every reason to put their third string people on the project because doing so would mean more profit, not less.

One definition of insanity is doing the same thing over and over again, somehow expecting a different outcome. In this instance, the issue isn't whether Diebold and the other vendors were insane (they aren't), but whether the government is.

As Cringely correctly points out, complete failures are common in IT projects, and at least some failure occurs in a large majority of all IT projects. Even successful IT projects rarely come in on time, and almost never come in on budget. (I have only seen one major IT project do this during my 40 year involvement in IT.) Now, there are many reasons why IT projects fail, but perhaps the single reason that will guarantee failure is a lack of complete involvement by the end user from the very start of the project. Certainly, this is the exact case with the development of e-voting machines. In fact, there was zero involvement by the end user until it was time to buy what the e-vote manufacturers had developed.

Finally, Cringely asks the obvious question: Who exactly made the decision not to include a paper trail in these machines? This I think is obvious: the manufacturers themselves. Not only that, but each of the early arrivals made the same decision simultaneously, without consultation with each other, and for the exact same reasons. First, the market for these machines opened quite suddenly, and because of the large federal infusion of cash, sales were sure to be brisk. Given the short timeframe, whoever got to this market first would likely take the lion's share of this cash. How better to get there first than to trim product specifications in every possible way including the elimination of a paper audit. Certainly, there was nothing in the federal specifications barring this, and it would have the additional benefit of making the end product more price competitive. And further, since the end user was not particularly computer literate (having not been involved in the development process), they could be counted on to not notice the lack of auditability. If they suddenly became aware of it, that also would be no problem, as the manufacturers could then simply retrofit their already sold systems, generating additional profits in the process. In other words, things happened this way because it was the only way in which they could happen.

Via Election Law Blog, a great resource for current news on all aspects of election law.

Important Notice:

Black Box Activist Bev Harris will be interviewed on the Mary Anne Williamson Show on Wednesday, December 10, 2003. The show will air from 3-5 P.M. EST, and is available on the internet via streaming feeds for WinAmp, Windows Media Player, and RealPlayer. All feeds support dial-up modems.

Note that the Thom Hartman Radio Show precedes this program (M-F, Noon-3 P.M.) on the same internet feed. It you haven't tuned in to Thom's program yet, check it out. [Other feeds for Thom's program (both live and archived) are available here.]

---

Also, two previous interviews (BuzzFlash) with Bev:

• December 4, 2003: On Diebold harassment, her new book, and the shortcomings of H.R. 2239
• September 29, 2003: On four ways that e-vote machines threaten democracy, e-vote companies and their interrelationships, and particulars regarding Diebold problems

U.S. Senator Bob Graham filed a bill Tuesday that would require touch-screen voting machines to create a paper record of all votes. In addition to a paper record, the Voter Verification Act would require surprise recounts in one half of one percent of voting jurisdictions. Precincts would have to have equipment in place to produce paper records by the 2004 presidential election. The bill mirrors a similar bill sponsored by Rep. Rush Holt of New Jersey, now pending in the House.

[NOTE: As of this writing, Sen. Graham's bill is not yet listed on Thomas.]

Apparently Florida Secretary of State Glenda Hood² doesn't agree with California Secretary of State Kevin Shelley's recent decision to require e-vote paper-trails by 2006. While Hood says that Florida will be "very open-minded" in reviewing any printers submitted to the state for certification, the choice on whether to use them (if certified) would be left to the individual counties. Hood said making a paper trail a statewide requirement is not necessary because Florida has multiple safeguards to assure the accuracy and security of touch screens, which are now used in 15 Florida other counties ². This position echoes the position of the Florida State Association of Supervisors of Elections, which issued a six-page statement last month defending touch screens and their reliability. Among the concerns expressed by this group are access for voters who are disabled and non-English speaking voters, issues also brought up by the equivalent organization in California. Other concerns expressed include paper jams, running out of ink and paper, and additional labor and costs.³ The Florida supervisors' report also accuses touch-screen critics of "committing a huge disservice to the voting public. The continued unfounded attacks on these systems erode the public's confidence."

¹ Glenda Hood of course replaced Katherine Harris as Florida's Secretary of State. Harris was (almost) single-handedly responsible for the illegal disenfranchisement of over 65,000 black voters during the Florida 2000 election. For this, she was elected to the U.S. House in 2002, the same year that Jeb Bush was re-elected as Florida's governor. The disenfranchised black voters were not restored to Florida's voting roles until 2003. [See Katherine Harris below]
² Palm Beach County uses Sequoia e-voting machines. Of Florida's 14 other counties currently using e-vote technology, 11 of them use ES&S. Thirty counties use Diebold's optical-scan system, but none has purchased the touch-screen version. In all, some 56.6 percent of the state's 9.4 million registered voters will face the Sequoia or ES&S touch-screen systems (so far) when they go to the polls next November.
³ Sequoia indicates that a ballot printer would add about $500 to the cost of an electronic voting machine.

---

Pardon my rant: So Florida's arguments against paper ballot back-up (at least its stated ones thus far) are threefold:

1. Access for handicapped and non-English voters
2. Advocate groups eroding the public's confidence
3. Additional costs and possible problems

All of this is nonsense. In the first case, the problem is purely a technical one, and for most of it, technical solutions already exist. In the rare cases where technical solutions might not yet be readily available, certainly no one would advocate against using older technologies to allow enfranchisement of affected voters. In a most real sense, black box advocacy is all about full enfranchisement of voters. For this to be to be realized, not only must all have access to the ballot as well as that all cast ballots must be accurately counted.

This of course brings me to their second point about advocate groups eroding public confidence. This is true. In fact, it is our only possible strategy. But according to the Supervisors of Elections' statement, the public's confidence is the real goal, and not that the public's confidence be well-founded. This logic baffles me. It suggests strongly that there is a serious disconnect somewhere; that their majority does not really understand what their job goals are.

Finally, the additional costs and problems. Certainly, there are additional costs, but these come with an important additional benefit; namely that voters can begin to have real confidence in their elections as opposed to a lulled and disassociated confidence. As for additional problems with the e-vote machine's printing performance, these are or should be procedural. To the extent that they are not, they are manufacturing problems, and should be addressed and paid for by the manufacturers. There is simply NO reason why multimillion dollar computer purchases should be conducted without what is called "maintenance contracts" which place the risks of malfunction on the manufacturer. While this seems to be the case with as far as I can see, the Diebold/Georgia 2002 case [Black Box Voting, download the PDFs or purchase the book] certainly indicates a lack of adequate sophistication on the part of states for properly constructing these contracts.

So the Florida arguments against paper ballot back-up are moot. They are either the strawmen of avoidence, or they are simply symptoms of how much more education we black box advocates have a lot of education left to do, even among our supposedly best educated.

---

Katherine Harris

Harris, a first term U.S. House Representative, is now eyeing a run for the U.S. Senate seat being vacated by Democrat Bob Graham, a move being similarly eyed by both the left and the right. Beltway Republicans fear that her candidacy for the Senate might generate a large Democratic backlash in Florida as a result of the 2000 election there, perhaps costing Bush the state and possibly the election itself, but Governor Jeb (the President's brother) has issued a stern warning about the national party overly interfering in state matters. Florida Democrats, on the other hand, welcome the entry of Harris for the Senate seat, hoping for exactly what the Beltway Republicans fear. Florida is after all a microcosm of the U.S. with simply north and south reversed.

Such polarization for the Florida vote can be easily envisioned by anyone familiar with the Harris role in denying the Gore-requested recounts of 2000. As polarizing as her role in this might be, this is after the 2000 election took place. Few understand Harris' role before the election, a role that had she not played, the aftermath would never have occurred. All of this is well documented in Chapter One (The Unreported Story of How They Fixed the Vote in Florida) of Greg Palast's new edition of "The Best Democracy Money Can Buy", a chapter also serialized on Working Assets. If you don't know who Harris is yet, read this. It will knock your socks off.

• Part 1 - Jim Crow in Cyberspace
• Part 2 - Silence of the Media Lambs
• Part 3 - A Black-List Burning for Bush
• Part 4 - Disappeared Voters
• Part 5 - From Planning to Execution to Inauguration
• Part 6 - McKinney Nails the Confession
• Part 7 - Voting Machine Apartheid
• Part 8 - Katherine Harris -- 'Twisted'
• Part 9 - The Katherine Harris Touch: Vote Rustling by Computer
• Part 10 - Jim Crow in Cyberspace: Stealing 2004

Katherine Harris is now a U.S. Representative for the State of Florida. She should not be. She should instead be one of our felons, disenfranchised as she suceeded in making so many others without proper cause.

Washington State has become the eighth state to cancel it's 2004 Presidential primary, citing it as overly expensive in a state which is facing severe budgetary woes. The decision, which was made Friday, has been anticipated for some time. Other states also cancelling their primaries have expressed different rationales as being their lead reason for doing so, but the budgetary aspect is generally cited as at least a benefit, if not the primary motivation.

---

All of this comes as no great loss to me. I am no fan of the primary system (especially with its multitudes of variations), and I do not believe that states should be financing in any way (esp., using general tax revenues) what is essentially a private decision by the individual parties as to who should represent them. I am not against the parties themselves using a state-wide vote to determine this; that is their option. But do I believe that they themselves should pay the associated costs should they select this option, and not leave the tab to be picked up by voters of whom are many are not enfranchised in these selections.

Though this is my first public statement addressing this issue, I have previously mentioned my views on this to active voters and even party activists (both major parties), and given my "howls" for the "purity" of the vote, most are surprised that I hold this view. Wouldn't this, they've asked, disempower the very voters that I otherwise am seeking to protect? Perhaps, but no, not really. Allow me to expand on this.

First, a matter of business: I am a registered independent and always have been. I tend to vote liberal, and that generally leads me to favor Democrats. I have never been a registered voter in a state that allows cross-party voting during a primary. (More on this below.)

As I mentioned above, I do not see any reason why tax revenues should be spent on the selection of who will represent a private political party in a general election. Doing so is nothing short of a subsidy of what private party. But let's look at this in terms of how it plays out in the various primary systems:

• The caucus: Activists from individual parties have an overwhelming control in the selection of that state's selection of their party candidates. If you also want to participate, you need only become a party activist there. Fair enough, and I approve.

• Cross-party voting during primaries: This system makes no sense to me. If you are not a member of the party, why should you have any say? I disapprove entirely.

• Party members only and binding: In this system, the vote by party members leads to the selection of delegates to the national convention that are bound (on the first round vote only) to vote according to the voters' wishes. An improvement, but subject to massive abuse. Simply look to the upcoming election for the perfect example of this. A strong incumbent (Bush) allows Republicans to re-register as Democrats simply to screw with the Democrats' selection process. Better than the cross-party implementation, but clearly not adequate. I disapprove.

• Party members only, but non-binding: This is pure nonsense, and it is the system used by Washington State. This is not a vote; it is a taxpayer financed poll. I disapprove entirely.

These are pretty much the four choices we use in primaries, and might suggest to some that I think the caucus system is the only viable system for selecting party nominees. This is not the case. As I said above, parties should pay for their own private elections should they wish to have them. In doing so, they should also have complete control of who is actually consider a member of the party and who is not. This would allow them to weed out those who might have recently switched parties solely to tamper with their selection process. In fact, I would greatly prefer this over the caucus process, though either would be fine with me.

At this point of course, many would suggest that the caucus sytem would overwhelm any party-paid voting system, and I too would expect that to become the case. Many would say that this is a form of disenfranchisement, but it is not. Party voting is not general election voting; it cannot select a government official. It can only select a candidate. The fear here is that the selected candidates will increasingly become unreflective of the will of the party's rank-and-file voters. So what? To the extent that a party does this, they will move towards irrelevancy. In other words, they will die.

Political parties are Social Darwinist in nature. They have a will to survive. Those not satisfied will move on, and when enough do, the party will move to recapture them. For those who remain, they will move also simply for self-preservation. They have no choice. It's either move or die. And if they die, something else more effective with arise to replace them.

To: Paul Krugman

Thank you for addressing this issue, and thank you especially for your mention of Bev Harris, who must be viewed as almost "the grandmother" of this issue. It was perhaps two years ago that she brought me "into the fold" on this, and certainly she had years of work behind her that preceded my entry into this issue.

Please let me assure you that this is not just the fears of a bunch of technophobes. I myself have been into computers for 40 years (vacuum tubes, anyone?) I know what makes computer systems good and bad, and I have myself been inside of the Diebold code. Yes, I am aware that Diebold has said that "our version" of it is out of date, and I have no doubt of that; all computer coding is in a constant state of adaptation. Still, it is my professional opinion that "their version" of it could not be worse, and that nothing short of a total re-design can fix its inherent design flaws. If it were designed with hacking as a requirement, not a single line of code would have to be changed.

I point my fangs at Diebold here because they have made themselves such an obvious target with their "circle the wagons" approach to this conflict. But the fact of the matter is that the entire e-vote industry is rife with cross-breeding, and there is little evidence that Diebold's problems are unique unto itself. Certainly other e-vote companies have responded far more effectively to our concerns (which we appreciate), but there remains among us a well-founded sense that we may have some pretty vulnerable software counting our votes. And this is simply unacceptable.

Many try to phrase this as a partisan issue, given that the e-vote manufacturers are largely Republican owned. I personally reject this framing. I would just as soon toss a Democrat guilty of vote tampering in jail as a Republican. It is after all my vote! It is my most sacred right as a member of a democratic republic. Whether one steals it from me to "help" me or steals it for my opponents, it is stolen nonetheless. I cannot differentiate between the two.

Sincerely,        
Benedict@Large

Well, actually not, but a Diebold attorney promised in a conference call Monday with U.S. District Judge Jeremy Fogel that it would not sue dozens of students, computer scientists and ISP operators who received cease-and-desist letters from August to October. This is a fantastic (though inevitable) victory for us black box advocates. More than that however, it was simply the right thing for Diebold to do. According to my latest estimates, there were easily a half million copies of the Diebold memo data base downloaded, and as such, continuing their legal approach had really become an exercise in futility.

Were I to guess at this point, this has all the trappings of Diebold corporate coming down on Diebold Election Systems, who had clearly let this issue spin out of their control. It is after all about profits, and not about getting into a cat fight with cats that were not about to give up. Hopefully, this signals a new willingness on the part of Diebold Election Systems to work with us. It is after all about making them have a better product, and that of course is in their long term best interests.

Links:

• Associated Press: Electronic Voting Firm Drops Legal Case (Jim March gets a photo-op!)
• Wired News: Diebold Backs Off Legal Challenge
• The Inquirer, UK: Diebold capitulates to legal threats
• USA Today: E-vote firm backs off case against free speech advocates
• Electronic Frontier Foundation: Links to articles and PDFs relating to the progression of this case
• TalkLeft: Diebold Drops Plans to Sue Internet Critics
• Google News: Latest Headlines

This is big time. All those articles that mentioned the John Hopkins (quite limited) study of the Diebold code, but never mentioned where they got it from or the more advanced work that had been done prior to their study? You remember them. Bev Harris and her cohorts were after all not "experts", and so did not deserve editorial mention. Until now.

How times have changed. In today's New York Times, none other than Paul Krugman puts Bev right in the spotlight in his "Hack the Vote" editorial. We're not on the margins anymore. We are now mainstreamed.

Read the editorial, take a visit to Bev's site, and if you are so inclined, drop her an e-mail to say thank you for all that she has done.

... also pipes in on the Krugman article. Not much from Matt, who admits an aversion to the issue, but the comments (including my rather lengthy one) might be of interest to you.

After all of their recent efforts to prevent their code and internal memos from being distributed on the internet via "take down" actions, Presidential-hopeful Dennis Kucinich has decided to publish selected incriminating Diebold memos on his House website as he launches an investigation of their possible vilations of federal elections laws.

OK, Diebold, what's next? Are you planning to issue a "take down" for house.gov?

Via Cyndy Roy at American Samizdat

---

This probably doesn't make any difference. Diebold is a large company offering many products beyond their e-vote machines, and each division is responsible for their own security vulnerabilities. But Diebold ATMs were compromised by the Nachi worm in August. If this means anything for voting security advocates, it means that truely talented security professions are in short order.

California Secretary of State Kevin Shelley announced Friday that all e-voting machines in the state must produce a voter-verifiable paper audit trail. According to his announcement, any e-voting machines purchased after July 1, 2005, must produce a voter-verifiable receipt. Machines purchased before then must be retrofitted with printers to produce a receipt by July 1, 2006.

Obviously however, some folks just don't get it, and this time it is the California Association of Clerks and Election Officials (CACEO). Claiming that Shelley had "overstepped his bounds", CACEO head and Shasta County Clerk Ann Reed called the decision "a major defeat for the disabled community, as well as the minority-language communities." Riverside County Registrar of Voters Mischelle Townsend said she could not say yet whether the CACEO would pursue legal action against the state, but the group will be meeting next week to discuss its response.

---

Comments: Groups like CACEO perhaps are our greatest hurdle because they are the people charged with running our elections (and purchasing this technology). Unfortunately, many of these people are simply in over their heads when it comes to technology issues.

CACEO is of course correct to be concerned with disability and minority-language access to the voting booth. The problem is that they view such access to be unaddressible by technology, when clearly it is not. Whatever solutions have been implemented to provide for these concerns on e-vote machines without printers can certainly be extended to e-vote machines with printers, and if to any extent it might not, no one would object to alternative methods of providing voting booth access to those with problems.

And this is the problem. We have thousands of people making these decisions on e-vote technology when too few of them have and understanding of the technology itself. In business when a similar problem is encountered, the solution is obvious: Hire a consultant to evaluate the options and separate real from imagined problems. The problem is that qualified consultants are quite expensive, and when product selection is at a county level, they are simply too expense. In Maryland, where the product selection was conducted at the state level, the consultant option was indeed used, and though I've previously expressed my reservations regarding what I consider to be their premature selection of Diebold, they at least appear to be on the right track on the security problems they face as a result of that selection.